티스토리 뷰
반응형
Sometimes we want to find out where in a module the code parsing is done. In the example below, we want to find the code that parses the QuickTime video codecs that are in Windows media player. We know that the codecs support the raw, rle, jpeg, mjpb, and rpza tags, so all we need to do is to search for those tags in our module--in this case, the "quartz.dll" module.
The OllyEye hunter knows that it should check for the video codec’s tags such as code.equals ("rpza") and that in assembly it should be done with the CMP command that represents it. For this reason, it searches for the CMP command that matches the 'rpza' keyword.
The OllyEye hunter knows that it should check for the video codec’s tags such as code.equals ("rpza") and that in assembly it should be done with the CMP command that represents it. For this reason, it searches for the CMP command that matches the 'rpza' keyword.
'Reversing tools > 올리 플러그인' 카테고리의 다른 글
FullDisasm v2.1 (2) | 2009.02.28 |
---|---|
StrongOD 0.2.3.322 (0) | 2009.02.28 |
StrongOD 0.2.3.305 (0) | 2009.02.15 |
FullDisasm_OllyDbg v2.0 (0) | 2009.02.15 |
advancedolly1.28 (0) | 2009.01.29 |
X_CRYPTO v1.2 (0) | 2009.01.17 |
ODbgScript.1.66.3.VC6 (0) | 2009.01.11 |
댓글
반응형
최근에 올라온 글
최근에 달린 댓글
- Total
- Today
- Yesterday
링크
TAG
- OllyScriptEditor
- ollydbg mup
- Unpacker
- ProtectionID
- 패처
- vmprotect
- Unpacking
- ODbgScript
- Memory Hacking Software
- ollydbg ScriptEditor
- 미친소 수입반대
- 리버스 엔지니어링
- OllyDbg Plugins
- 언패킹
- ollydbg scripts
- Themida
- PECompact
- ollydbg PLUGIN
- crack
- StrongOD
- 리버싱은 내운명
- OllyDbg
- 한글화
- ASProtect 1.32 - 1.41
- plugin
- 미니 노트북
- DUP2
- TTprotect
- Reverse Engineering
- exeinfo pe
일 | 월 | 화 | 수 | 목 | 금 | 토 |
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | |||
5 | 6 | 7 | 8 | 9 | 10 | 11 |
12 | 13 | 14 | 15 | 16 | 17 | 18 |
19 | 20 | 21 | 22 | 23 | 24 | 25 |
26 | 27 | 28 | 29 | 30 | 31 |
글 보관함